Skizzerz has uploaded a new change for review. (
https://gerrit.wikimedia.org/r/392706 )
Change subject: Make testUserExists() also validate username.
......................................................................
Make testUserExists() also validate username.
Some wikis seem to display bogus results for list=allusers in the API
even if the aufrom and auto params should make it show 0 results. As
such, validate the username returned in addition to the number of users
to ensure that the user we wanted was actually found or not.
Change-Id: I8526f590e7f64a16be1c5eda22dbd3ce852066f2
---
M ExternalWikiPrimaryAuthenticationProvider.php
1 file changed, 3 insertions(+), 1 deletion(-)
git pull ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/MediaWikiAuth
refs/changes/06/392706/1
diff --git a/ExternalWikiPrimaryAuthenticationProvider.php
b/ExternalWikiPrimaryAuthenticationProvider.php
index e34ab6f..45761f5 100644
--- a/ExternalWikiPrimaryAuthenticationProvider.php
+++ b/ExternalWikiPrimaryAuthenticationProvider.php
@@ -283,7 +283,9 @@
'aulimit' => 1,
], [], __METHOD__ );
- $this->userCache[$username] = count(
$resp->query->allusers ) === 1;
+ // some MediaWikis *cough*Wikia*cough* display results
for allusers even if there is no exact match
+ // as such we test to ensure the username matches as
well
+ $this->userCache[$username] = count(
$resp->query->allusers ) === 1 && $resp->query->allusers[0]->name === $username;
}
return $this->userCache[$username];
--
To view, visit https://gerrit.wikimedia.org/r/392706
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I8526f590e7f64a16be1c5eda22dbd3ce852066f2
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/extensions/MediaWikiAuth
Gerrit-Branch: master
Gerrit-Owner: Skizzerz <[email protected]>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
